[openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Richard Levitte
levitte at openssl.org
Wed May 18 16:39:02 UTC 2016
The branch OpenSSL_1_0_2-stable has been updated
via 54fc5795c9f7d0dc95d537672c716c9d250eb0fb (commit)
via 7229a91a48d706804f790a392b3ad50bc358cdc4 (commit)
via 87728c682995d0575b52a5a19d69405bb764e76e (commit)
from cbacc6f7e96b2d6d6d2ae3c1984ca7df439fe4c5 (commit)
- Log -----------------------------------------------------------------
commit 54fc5795c9f7d0dc95d537672c716c9d250eb0fb
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 18 17:39:33 2016 +0200
Document the esc_2254 command line name option
RT#1466
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit a37458c1bf76c603cc27e8baf32ac2aa1cd7662e)
commit 7229a91a48d706804f790a392b3ad50bc358cdc4
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 18 17:33:53 2016 +0200
make update
RT#1466
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit 0794b6a6a8a9a1dc1c7b0f9cfaf804253af29cdc)
commit 87728c682995d0575b52a5a19d69405bb764e76e
Author: Richard Levitte <levitte at openssl.org>
Date: Wed May 18 17:14:19 2016 +0200
Make it possible to have RFC2254 escapes with ASN1_STRING_print_ex()
Also adds 'esc_2254' to the possible command line name options
RT#1466
Reviewed-by: Rich Salz <rsalz at openssl.org>
(cherry picked from commit bc776510982b3768761d32c1160e79cb45a561c3)
-----------------------------------------------------------------------
Summary of changes:
apps/apps.c | 1 +
crypto/asn1/a_strex.c | 21 +++++++++++++--------
crypto/asn1/asn1.h | 5 +++++
crypto/asn1/charmap.h | 8 ++++----
crypto/asn1/charmap.pl | 11 ++++++++++-
doc/apps/x509.pod | 7 ++++++-
6 files changed, 39 insertions(+), 14 deletions(-)
diff --git a/apps/apps.c b/apps/apps.c
index b1dd970..566d547 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1321,6 +1321,7 @@ int set_name_ex(unsigned long *flags, const char *arg)
{
static const NAME_EX_TBL ex_tbl[] = {
{"esc_2253", ASN1_STRFLGS_ESC_2253, 0},
+ {"esc_2254", ASN1_STRFLGS_ESC_2254, 0},
{"esc_ctrl", ASN1_STRFLGS_ESC_CTRL, 0},
{"esc_msb", ASN1_STRFLGS_ESC_MSB, 0},
{"use_quote", ASN1_STRFLGS_ESC_QUOTE, 0},
diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c
index 35fd44c..5fa7a31 100644
--- a/crypto/asn1/a_strex.c
+++ b/crypto/asn1/a_strex.c
@@ -75,6 +75,7 @@
#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
+ ASN1_STRFLGS_ESC_2254 | \
ASN1_STRFLGS_ESC_QUOTE | \
ASN1_STRFLGS_ESC_CTRL | \
ASN1_STRFLGS_ESC_MSB)
@@ -124,7 +125,8 @@ typedef int char_io (void *arg, const void *buf, int len);
static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
char_io *io_ch, void *arg)
{
- unsigned char chflgs, chtmp;
+ unsigned short chflgs;
+ unsigned char chtmp;
char tmphex[HEX_SIZE(long) + 3];
if (c > 0xffffffffL)
@@ -161,7 +163,9 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
return -1;
return 2;
}
- if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) {
+ if (chflgs & (ASN1_STRFLGS_ESC_CTRL
+ | ASN1_STRFLGS_ESC_MSB
+ | ASN1_STRFLGS_ESC_2254)) {
BIO_snprintf(tmphex, 11, "\\%02X", chtmp);
if (!io_ch(arg, tmphex, 3))
return -1;
@@ -191,11 +195,12 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
*/
static int do_buf(unsigned char *buf, int buflen,
- int type, unsigned char flags, char *quotes, char_io *io_ch,
+ int type, unsigned short flags, char *quotes, char_io *io_ch,
void *arg)
{
int i, outlen, len;
- unsigned char orflags, *p, *q;
+ unsigned short orflags;
+ unsigned char *p, *q;
unsigned long c;
p = buf;
q = buf + buflen;
@@ -245,7 +250,7 @@ static int do_buf(unsigned char *buf, int buflen,
* character will never be escaped on first and last.
*/
len =
- do_esc_char(utfbuf[i], (unsigned char)(flags | orflags),
+ do_esc_char(utfbuf[i], (unsigned short)(flags | orflags),
quotes, io_ch, arg);
if (len < 0)
return -1;
@@ -253,7 +258,7 @@ static int do_buf(unsigned char *buf, int buflen,
}
} else {
len =
- do_esc_char(c, (unsigned char)(flags | orflags), quotes,
+ do_esc_char(c, (unsigned short)(flags | orflags), quotes,
io_ch, arg);
if (len < 0)
return -1;
@@ -355,10 +360,10 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags,
int outlen, len;
int type;
char quotes;
- unsigned char flags;
+ unsigned short flags;
quotes = 0;
/* Keep a copy of escape flags */
- flags = (unsigned char)(lflags & ESC_FLAGS);
+ flags = (unsigned short)(lflags & ESC_FLAGS);
type = str->type;
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 68e791f..09335a9 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -505,6 +505,11 @@ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void);
# define ASN1_STRFLGS_DUMP_DER 0x200
/*
+ * This flag specifies that RC2254 escaping shall be performed.
+ */
+#define ASN1_STRFLGS_ESC_2254 0x400
+
+/*
* All the string flags consistent with RFC2253, escaping control characters
* isn't essential in RFC2253 but it is advisable anyway.
*/
diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h
index 3305ad1..117a91e 100644
--- a/crypto/asn1/charmap.h
+++ b/crypto/asn1/charmap.h
@@ -3,13 +3,13 @@
* properties
*/
-static const unsigned char char_type[] = {
+static const unsigned short char_type[] = {
+ 1026, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
- 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
+ 120, 0, 1, 40, 0, 0, 0, 16, 1040, 1040, 1024, 25, 25, 16, 16, 16,
16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
- 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0,
+ 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1025, 0, 0, 0,
0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
};
diff --git a/crypto/asn1/charmap.pl b/crypto/asn1/charmap.pl
index 25ebf2c..6c6eb34 100644
--- a/crypto/asn1/charmap.pl
+++ b/crypto/asn1/charmap.pl
@@ -18,6 +18,7 @@ my $NOESC_QUOTE = 8; # Not escaped if quoted
my $PSTRING_CHAR = 0x10; # Valid PrintableString character
my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
+my $RFC2254_ESC = 0x400; # Character escaped \XX
for($i = 0; $i < 128; $i++) {
# Set the RFC2253 escape characters (control)
@@ -49,6 +50,14 @@ $arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
+# Remaining RFC2254 characters
+
+$arr[0] |= $RFC2254_ESC;
+$arr[ord("(")] |= $RFC2254_ESC;
+$arr[ord(")")] |= $RFC2254_ESC;
+$arr[ord("*")] |= $RFC2254_ESC;
+$arr[ord("\\")] |= $RFC2254_ESC;
+
# Remaining PrintableString characters
$arr[ord(" ")] |= $PSTRING_CHAR;
@@ -71,7 +80,7 @@ print <<EOF;
* Mask of various character properties
*/
-static unsigned char char_type[] = {
+static unsigned short char_type[] = {
EOF
for($i = 0; $i < 128; $i++) {
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index 26f71c8..13db4c0 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -464,10 +464,15 @@ B<space_eq>, B<lname> and B<align>.
=item B<esc_2253>
-escape the "special" characters required by RFC2253 in a field That is
+escape the "special" characters required by RFC2253 in a field. That is
B<,+"E<lt>E<gt>;>. Additionally B<#> is escaped at the beginning of a string
and a space character at the beginning or end of a string.
+=item B<esc_2254>
+
+escape the "special" characters required by RFC2254 in a field. That is
+the B<NUL> character as well as and B<()*>.
+
=item B<esc_ctrl>
escape control characters. That is those with ASCII values less than
More information about the openssl-commits
mailing list